diff --git a/Configure b/Configure index c3ebcda3f4..89142eb22e 100755 --- a/Configure +++ b/Configure @@ -484,11 +484,11 @@ my %table=( # Visual C targets # # Win64 targets, WIN64I denotes IA-64 and WIN64A - AMD64 -"VC-WIN64I","cl:-W3 -Gs0 -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -DUNICODE -D_UNICODE -D_CRT_SECURE_NO_DEPRECATE:::WIN64I::SIXTY_FOUR_BIT RC4_CHUNK_LL DES_INT EXPORT_VAR_AS_FN:ia64cpuid.o:ia64.o::aes_core.o aes_cbc.o aes-ia64.o::md5-ia64.o:sha1-ia64.o sha256-ia64.o sha512-ia64.o:::::::ias:win32", -"VC-WIN64A","cl:-W3 -Gs0 -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -DUNICODE -D_UNICODE -D_CRT_SECURE_NO_DEPRECATE:::WIN64A::SIXTY_FOUR_BIT RC4_CHUNK_LL DES_INT EXPORT_VAR_AS_FN:x86_64cpuid.o:bn_asm.o x86_64-mont.o::aes-x86_64.o::md5-x86_64.o:sha1-x86_64.o sha256-x86_64.o sha512-x86_64.o::rc4-x86_64.o:::wp-x86_64.o::ml64:win32", +"VC-WIN64I","cl:-W3 -Gs0 -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -DUNICODE -D_UNICODE -D_CRT_SECURE_NO_DEPRECATE -D_CRT_NONSTDC_NO_DEPRECATE:::WIN64I::SIXTY_FOUR_BIT RC4_CHUNK_LL DES_INT EXPORT_VAR_AS_FN:ia64cpuid.o:ia64.o::aes_core.o aes_cbc.o aes-ia64.o::md5-ia64.o:sha1-ia64.o sha256-ia64.o sha512-ia64.o:::::::ias:win32", +"VC-WIN64A","cl:-W3 -Gs0 -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -DUNICODE -D_UNICODE -D_CRT_SECURE_NO_DEPRECATE -D_CRT_NONSTDC_NO_DEPRECATE:::WIN64A::SIXTY_FOUR_BIT RC4_CHUNK_LL DES_INT EXPORT_VAR_AS_FN:x86_64cpuid.o:bn_asm.o x86_64-mont.o::aes-x86_64.o::md5-x86_64.o:sha1-x86_64.o sha256-x86_64.o sha512-x86_64.o::rc4-x86_64.o:::wp-x86_64.o::ml64:win32", # x86 Win32 target defaults to ANSI API, if you want UNICODE, complement # 'perl Configure VC-WIN32' with '-DUNICODE -D_UNICODE' -"VC-WIN32","cl:-W3 -WX -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE:::WIN32::BN_LLONG RC4_INDEX EXPORT_VAR_AS_FN ${x86_gcc_opts}:${x86_asm}:win32n:win32", +"VC-WIN32","cl:-W3 -WX -Gs0 -GF -Gy -nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -D_CRT_SECURE_NO_DEPRECATE -D_CRT_NONSTDC_NO_DEPRECATE:::WIN32::BN_LLONG RC4_INDEX EXPORT_VAR_AS_FN ${x86_gcc_opts}:${x86_asm}:win32n:win32", # Unified CE target "VC-CE","cl::::WINCE::BN_LLONG RC4_INDEX EXPORT_VAR_AS_FN ${x86_gcc_opts}:${no_asm}:win32", @@ -918,7 +918,8 @@ if (defined($disabled{"tls1"})) $disabled{"tlsext"} = "forced"; } -if (defined($disabled{"ec"})) +if (defined($disabled{"ec"}) || defined($disabled{"dsa"}) + || defined($disabled{"dh"})) { $disabled{"gost"} = "forced"; } diff --git a/INSTALL.W32 b/INSTALL.W32 index 7794cf1ad1..849544bf17 100644 --- a/INSTALL.W32 +++ b/INSTALL.W32 @@ -27,7 +27,7 @@ - Netwide Assembler, a.k.a. NASM, available from http://nasm.sourceforge.net/ is required if you intend to utilize assembler modules. Note that NASM - is the only supported assembler. + is now the only supported assembler. If you are compiling from a tarball or a CVS snapshot then the Win32 files may well be not up to date. This may mean that some "tweaking" is required to @@ -43,7 +43,7 @@ Firstly you should run Configure: - > perl Configure VC-WIN32 --prefix=c:/some/openssl/dir + > perl Configure VC-WIN32 --prefix=c:\some\openssl\dir Where the prefix argument specifies where OpenSSL will be installed to. @@ -56,6 +56,7 @@ - If you don't want to use the assembly language files at all then run: + > perl Configure VC-WIN32 no-asm --prefix=c:/some/openssl/dir > ms\do_ms If you get errors about things not having numbers assigned then check the diff --git a/apps/apps.c b/apps/apps.c index 7294c26f31..b04bfbd3c3 100644 --- a/apps/apps.c +++ b/apps/apps.c @@ -921,11 +921,13 @@ EVP_PKEY *load_key(BIO *err, const char *file, int format, int maybe_stdin, &pkey, NULL, NULL)) goto end; } +#if !defined(OPENSSL_NO_RSA) && !defined(OPENSSL_NO_DSA) else if (format == FORMAT_MSBLOB) pkey = b2i_PrivateKey_bio(key); else if (format == FORMAT_PVK) pkey = b2i_PVK_bio(key, (pem_password_cb *)password_callback, &cb_data); +#endif else { BIO_printf(err,"bad input format specified for key file\n"); @@ -989,6 +991,7 @@ EVP_PKEY *load_pubkey(BIO *err, const char *file, int format, int maybe_stdin, { pkey=d2i_PUBKEY_bio(key, NULL); } +#ifndef OPENSSL_NO_RSA else if (format == FORMAT_ASN1RSA) { RSA *rsa; @@ -1018,7 +1021,7 @@ EVP_PKEY *load_pubkey(BIO *err, const char *file, int format, int maybe_stdin, else pkey = NULL; } - +#endif else if (format == FORMAT_PEM) { pkey=PEM_read_bio_PUBKEY(key,NULL, @@ -1028,8 +1031,10 @@ EVP_PKEY *load_pubkey(BIO *err, const char *file, int format, int maybe_stdin, else if (format == FORMAT_NETSCAPE || format == FORMAT_IISSGC) pkey = load_netscape_key(err, key, file, key_descrip, format); #endif +#if !defined(OPENSSL_NO_RSA) && !defined(OPENSSL_NO_DSA) else if (format == FORMAT_MSBLOB) pkey = b2i_PublicKey_bio(key); +#endif else { BIO_printf(err,"bad input format specified for key file\n"); diff --git a/apps/dh.c b/apps/dh.c index c4d891e125..e9609d630d 100644 --- a/apps/dh.c +++ b/apps/dh.c @@ -349,4 +349,10 @@ end: apps_shutdown(); OPENSSL_EXIT(ret); } +#else /* !OPENSSL_NO_DH */ + +# if PEDANTIC +static void *dummy=&dummy; +# endif + #endif diff --git a/apps/dhparam.c b/apps/dhparam.c index 04bd57c6e8..5fab29eb87 100644 --- a/apps/dhparam.c +++ b/apps/dhparam.c @@ -554,4 +554,10 @@ static int MS_CALLBACK dh_cb(int p, int n, BN_GENCB *cb) return 1; } +#else /* !OPENSSL_NO_DH */ + +# if PEDANTIC +static void *dummy=&dummy; +# endif + #endif diff --git a/apps/dsa.c b/apps/dsa.c index 5911f11873..9f38e2b77a 100644 --- a/apps/dsa.c +++ b/apps/dsa.c @@ -334,6 +334,7 @@ bad: i=PEM_write_bio_DSA_PUBKEY(out,dsa); else i=PEM_write_bio_DSAPrivateKey(out,dsa,enc, NULL,0,NULL, passout); +#ifndef OPENSSL_NO_RSA } else if (outformat == FORMAT_MSBLOB || outformat == FORMAT_PVK) { EVP_PKEY *pk; pk = EVP_PKEY_new(); @@ -345,6 +346,7 @@ bad: else i = i2b_PrivateKey_bio(out, pk); EVP_PKEY_free(pk); +#endif } else { BIO_printf(bio_err,"bad output format specified for outfile\n"); goto end; @@ -365,4 +367,10 @@ end: apps_shutdown(); OPENSSL_EXIT(ret); } +#else /* !OPENSSL_NO_DSA */ + +# if PEDANTIC +static void *dummy=&dummy; +# endif + #endif diff --git a/apps/dsaparam.c b/apps/dsaparam.c index c301e81af1..4305a739b3 100644 --- a/apps/dsaparam.c +++ b/apps/dsaparam.c @@ -475,4 +475,10 @@ static int MS_CALLBACK dsa_cb(int p, int n, BN_GENCB *cb) #endif return 1; } +#else /* !OPENSSL_NO_DSA */ + +# if PEDANTIC +static void *dummy=&dummy; +# endif + #endif diff --git a/apps/gendh.c b/apps/gendh.c index 47497864b0..caa7327a10 100644 --- a/apps/gendh.c +++ b/apps/gendh.c @@ -235,4 +235,10 @@ static int MS_CALLBACK dh_cb(int p, int n, BN_GENCB *cb) #endif return 1; } +#else /* !OPENSSL_NO_DH */ + +# if PEDANTIC +static void *dummy=&dummy; +# endif + #endif diff --git a/apps/gendsa.c b/apps/gendsa.c index 8a296c66e5..22c39629e5 100644 --- a/apps/gendsa.c +++ b/apps/gendsa.c @@ -279,4 +279,10 @@ end: apps_shutdown(); OPENSSL_EXIT(ret); } +#else /* !OPENSSL_NO_DSA */ + +# if PEDANTIC +static void *dummy=&dummy; +# endif + #endif diff --git a/apps/req.c b/apps/req.c index 3b4ab28e5d..e9b764b90c 100644 --- a/apps/req.c +++ b/apps/req.c @@ -1715,7 +1715,7 @@ static EVP_PKEY_CTX *set_keygen_ctx(BIO *err, const char *gstr, int *pkey_type, ERR_print_errors(err); return NULL; } - +#ifndef OPENSSL_NO_RSA if ((*pkey_type == EVP_PKEY_RSA) && (keylen != -1)) { if (EVP_PKEY_CTX_set_rsa_keygen_bits(gctx, keylen) <= 0) @@ -1726,6 +1726,7 @@ static EVP_PKEY_CTX *set_keygen_ctx(BIO *err, const char *gstr, int *pkey_type, return NULL; } } +#endif return gctx; } diff --git a/apps/rsa.c b/apps/rsa.c index c316da7109..4a6206bb66 100644 --- a/apps/rsa.c +++ b/apps/rsa.c @@ -409,6 +409,7 @@ bad: } else i=PEM_write_bio_RSAPrivateKey(out,rsa, enc,NULL,0,NULL,passout); +#ifndef OPENSSL_NO_DSA } else if (outformat == FORMAT_MSBLOB || outformat == FORMAT_PVK) { EVP_PKEY *pk; pk = EVP_PKEY_new(); @@ -420,6 +421,7 @@ bad: else i = i2b_PrivateKey_bio(out, pk); EVP_PKEY_free(pk); +#endif } else { BIO_printf(bio_err,"bad output format specified for outfile\n"); goto end; diff --git a/apps/rsautl.c b/apps/rsautl.c index 923e2b682f..b01f004eb3 100644 --- a/apps/rsautl.c +++ b/apps/rsautl.c @@ -342,4 +342,10 @@ static void usage() } +#else /* !OPENSSL_NO_RSA */ + +# if PEDANTIC +static void *dummy=&dummy; +# endif + #endif diff --git a/crypto/bio/bss_dgram.c b/crypto/bio/bss_dgram.c index 9d2b78d3a2..e3967041b3 100644 --- a/crypto/bio/bss_dgram.c +++ b/crypto/bio/bss_dgram.c @@ -61,7 +61,9 @@ #include #include +#ifdef OPENSSL_SYS_VMS #include +#endif #define USE_SOCKETS #include "cryptlib.h" diff --git a/crypto/evp/pmeth_lib.c b/crypto/evp/pmeth_lib.c index 51f0b6ad63..4a05f0b135 100644 --- a/crypto/evp/pmeth_lib.c +++ b/crypto/evp/pmeth_lib.c @@ -77,9 +77,15 @@ extern const EVP_PKEY_METHOD ec_pkey_meth, hmac_pkey_meth; static const EVP_PKEY_METHOD *standard_methods[] = { +#ifndef OPENSSL_NO_RSA &rsa_pkey_meth, +#endif +#ifndef OPENSSL_NO_DH &dh_pkey_meth, +#endif +#ifndef OPENSSL_NO_DSA &dsa_pkey_meth, +#endif #ifndef OPENSSL_NO_EC &ec_pkey_meth, #endif diff --git a/crypto/pem/pvkfmt.c b/crypto/pem/pvkfmt.c index 5d391cfd8e..11e1f10f57 100644 --- a/crypto/pem/pvkfmt.c +++ b/crypto/pem/pvkfmt.c @@ -63,6 +63,7 @@ #include #include #include +#if !defined(OPENSSL_NO_RSA) && !defined(OPENSSL_NO_DSA) #include #include @@ -933,3 +934,4 @@ int i2b_PVK_bio(BIO *out, EVP_PKEY *pk, int enclevel, } return -1; } +#endif diff --git a/engines/e_capi.c b/engines/e_capi.c index e98946c85a..01ef96b85f 100644 --- a/engines/e_capi.c +++ b/engines/e_capi.c @@ -56,12 +56,12 @@ #include #include #include -#include #include #ifdef OPENSSL_SYS_WIN32 #ifndef OPENSSL_NO_CAPIENG +#include #include diff --git a/engines/e_gmp.c b/engines/e_gmp.c index dc9f295e9b..c1f5601b62 100644 --- a/engines/e_gmp.c +++ b/engines/e_gmp.c @@ -85,7 +85,9 @@ #include #include #include +#ifndef OPENSSL_NO_RSA #include +#endif #include #ifndef OPENSSL_NO_HW diff --git a/engines/e_ubsec.c b/engines/e_ubsec.c index e8389de6a1..fe6bdba25b 100644 --- a/engines/e_ubsec.c +++ b/engines/e_ubsec.c @@ -95,14 +95,14 @@ static int ubsec_finish(ENGINE *e); static int ubsec_ctrl(ENGINE *e, int cmd, long i, void *p, void (*f)(void)); static int ubsec_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx); +#ifndef OPENSSL_NO_RSA static int ubsec_mod_exp_crt(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, const BIGNUM *q, const BIGNUM *dp, const BIGNUM *dq, const BIGNUM *qinv, BN_CTX *ctx); -#ifndef OPENSSL_NO_RSA static int ubsec_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa, BN_CTX *ctx); -#endif static int ubsec_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx, BN_MONT_CTX *m_ctx); +#endif #ifndef OPENSSL_NO_DSA #ifdef NOT_USED static int ubsec_dsa_mod_exp(DSA *dsa, BIGNUM *rr, BIGNUM *a1, @@ -302,10 +302,10 @@ static t_UBSEC_diffie_hellman_generate_ioctl *p_UBSEC_diffie_hellman_generate_ioctl = NULL; static t_UBSEC_diffie_hellman_agree_ioctl *p_UBSEC_diffie_hellman_agree_ioctl = NULL; #endif -/* #ifndef OPENSSL_NO_RSA */ static t_UBSEC_rsa_mod_exp_ioctl *p_UBSEC_rsa_mod_exp_ioctl = NULL; +#ifndef OPENSSL_NO_RSA static t_UBSEC_rsa_mod_exp_crt_ioctl *p_UBSEC_rsa_mod_exp_crt_ioctl = NULL; -/* #endif */ +#endif #ifndef OPENSSL_NO_DSA static t_UBSEC_dsa_sign_ioctl *p_UBSEC_dsa_sign_ioctl = NULL; static t_UBSEC_dsa_verify_ioctl *p_UBSEC_dsa_verify_ioctl = NULL; @@ -624,7 +624,6 @@ static int ubsec_rsa_mod_exp(BIGNUM *r0, const BIGNUM *I, RSA *rsa, BN_CTX *ctx) err: return to_return; } -#endif static int ubsec_mod_exp_crt(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, const BIGNUM *q, const BIGNUM *dp, @@ -672,6 +671,7 @@ static int ubsec_mod_exp_crt(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, r->top = (BN_num_bits(p) + BN_num_bits(q) + BN_BITS2 - 1)/BN_BITS2; return 1; } +#endif #ifndef OPENSSL_NO_DSA #ifdef NOT_USED @@ -704,6 +704,8 @@ static int ubsec_mod_exp_dsa(DSA *dsa, BIGNUM *r, BIGNUM *a, #endif #endif +#ifndef OPENSSL_NO_RSA + /* * This function is aliased to mod_exp (with the mont stuff dropped). */ @@ -712,7 +714,6 @@ static int ubsec_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, { int ret = 0; -#ifndef OPENSSL_NO_RSA /* Do in software if the key is too large for the hardware. */ if (BN_num_bits(m) > max_key_len) { @@ -720,13 +721,13 @@ static int ubsec_mod_exp_mont(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, ret = (*meth->bn_mod_exp)(r, a, p, m, ctx, m_ctx); } else -#endif { ret = ubsec_mod_exp(r, a, p, m, ctx); } return ret; } +#endif #ifndef OPENSSL_NO_DH /* This function is aliased to mod_exp (with the dh and mont dropped). */ diff --git a/ms/do_ms.bat b/ms/do_ms.bat index 9323336f9b..55014d3fc3 100755 --- a/ms/do_ms.bat +++ b/ms/do_ms.bat @@ -1,9 +1,11 @@ - -perl util\mkfiles.pl >MINFO -perl util\mk1mf.pl no-asm VC-WIN32 >ms\nt.mak -perl util\mk1mf.pl dll no-asm VC-WIN32 >ms\ntdll.mak -perl util\mk1mf.pl no-asm VC-CE >ms\ce.mak -perl util\mk1mf.pl dll no-asm VC-CE >ms\cedll.mak - -perl util\mkdef.pl 32 libeay > ms\libeay32.def -perl util\mkdef.pl 32 ssleay > ms\ssleay32.def + +perl util\mkfiles.pl >MINFO +perl util\mk1mf.pl no-asm VC-WIN32 >ms\nt.mak +perl util\mk1mf.pl dll no-asm VC-WIN32 >ms\ntdll.mak +if x%OSVERSION% == x goto skipce +perl util\mk1mf.pl no-asm VC-CE >ms\ce.mak +perl util\mk1mf.pl dll no-asm VC-CE >ms\cedll.mak +:skipce + +perl util\mkdef.pl 32 libeay > ms\libeay32.def +perl util\mkdef.pl 32 ssleay > ms\ssleay32.def